Programmable integrated circuits (ICs) are user configurable and capable of implementing digital logic operations. There are several types of programmable ICs, including, for example, Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), and Systems on Chip (SOCs). CPLDs include function blocks based on programmable logic array (PLA) architecture and programmable interconnect lines to route and transmit signals between the function blocks. FPGAs may include configurable logic blocks (CLBs) arranged in rows and columns, input/output blocks (IOBs) surrounding the CLBs, and programmable interconnect lines that route and transmit signals between the CLBs. In other FPGAs, IOBs are arranged in columns between the columns of other logic. Each CLB includes look-up tables and other configurable circuitry that is programmable to implement a logic function. The function blocks of CPLDs, CLBs of FPGAs and interconnect lines are configured by data stored in a configuration memory of the respective devices. SOCs may include, in a single die or package, one or more general purpose or special purpose processor cores, memory, input/output circuitry, and programmable logic.
Designs implemented on programmable ICs have become complex. Due to the time and investment required for design and debugging, it is desirable to protect the design from unauthorized copying. Many programmable logic ICs use volatile configuration memory that must be loaded from an external device, such as a Programmable Read-Only Memory (PROM), every time the programmable logic is powered up. Since configuration data is stored external to the programmable logic and must be transmitted through a configuration access port, the design can easily be revealed to an attacker by monitoring the data on the configuration access port during configuration. Other programmable logic ICs, including some FPGAs, include at least some non-volatile configuration memory within the device. However, even when a device is configured with internally stored configuration memory, configuration data can still be accessed if the designer releases configuration data to update the device.
Efforts have been made to encrypt designs, but it is difficult to make the design both secure from attackers and easy to upgrade by legitimate users. Several encryption algorithms, for example, the standard Data Encryption Standard (DES) and the more secure Advanced Encryption Standard (AES) algorithms, are known for encrypting blocks of data. However, a key must somehow be communicated in a secure way to the structure that decrypts the design, so the design can be decrypted before being used to configure the programmable logic. Once the programmable logic has been configured using the unencrypted design, the design must continue to be protected from unauthorized discovery.
A decryption key may be stored in non-volatile memory of a programmable integrated circuit (IC), and an encrypted bitstream may be loaded into the IC and decrypted using the key within the programmable IC. This prevents an attacker from reading the bitstream as it is being loaded into the programmable IC. However, this structure may not protect against obtaining the decryption key from the memory cells through reverse engineering. Also, a battery may be required for backup power to maintain the decryption key in the IC.